Patient data stolen in major hack of Norway’s health-care service

Reports from media in Norway are showing a concerning data breach in the country's health-care service that resulted in patient data being stolen. According to the Norwegian newspaper Verdens Gang, the large breach by "an advanced actor" was the result of a hacking campaign against Health South-East RHF. Health South-East RHF, according to the paper, "serves 2.9 million of the country's inhabitants" and has been working actively with authorities to mitigate any damage done by this attack.

Motives behind the attack are unclear and it has not been determined whether an individual or hacking collective was responsible for the data breach. The hack was first noticed by HelseCERT, which is Norway's health-care CERT division. HelseCERT picked up abnormal activity taking place in the network of Health South-East. Soon after this discovery, the IT division at Sykehuspartner HF, owners of Health South-East, spearheaded the investigation that uncovered the reality of sensitive patient data being obtained in a hacking incident.

The investigation is ongoing but government officials are trying to quell anxiety about the breach. In a statement released not long after the attack's discovery, Norway's Ministry of Health and Care said that "there is so far no indication that the theft has had consequences for patient safety." The dangers are there, however, so hospitals have been advised on how to handle this situation as it unfolds. This fact was covered with the following statement in the news release:

This is a serious situation and there are steps to mitigate the damage in connection with the break-in. Whenweknowthatitisin progresssuchactivityisfocusedonoursystems,itisimportantthatallstaffin the healthservicefollowtheadvicethatappliesto the useofICTin theservice.

In the weeks that follow this breach, the investigation via incident response teams will at the very least determine the methods used by the threat actors. This may give some clue as to who was responsible, and more importantly, why they stole the patient data and what they intend to do with it. Until then, millions of Norwegians affected by this will feel uneasy knowing criminals have access to their sensitive health records.